Page Menu
Home
Software Heritage
Search
Configure Global Search
Log In
Files
F9696424
passenger.pp
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
2 KB
Subscribers
None
passenger.pp
View Options
# == Class: puppet::server::passenger
#
# Set up the puppet server using passenger and apache.
#
class
puppet
::
server
::
passenger
(
$app_root
=
$::puppet::server_app_root,
$passenger_max_pool
=
$::puppet::server_passenger_max_pool,
$port
=
$::puppet::server_port,
$ssl_ca_cert
=
$::puppet::server::ssl_ca_cert,
$ssl_ca_crl
=
$::puppet::server::ssl_ca_crl,
$ssl_cert
=
$::puppet::server::ssl_cert,
$ssl_cert_key
=
$::puppet::server::ssl_cert_key,
$ssl_chain
=
$::puppet::server::ssl_chain,
$ssl_dir
=
$::puppet::server_ssl_dir,
$puppet_ca_proxy
=
$::puppet::server_ca_proxy,
$user
=
$::puppet::server_user
)
{
include
::
puppet
::
server
::
rack
include
::
apache
include
::
apache
::
mod
::
passenger
case
$::operatingsystem
{
Debian
,
Ubuntu
:
{
file
{
'/etc/default/puppetmaster'
:
content
=>
"START=no\n"
,
before
=>
Class
[
'puppet::server::install'
],
}
}
default
:
{
# nothing to do
}
}
$directories
=
[
{
'path'
=>
"${app_root}/public/"
,
'passenger_enabled'
=>
'On'
,
},
]
# The following client headers allow the same configuration to work with Pound.
$request_headers
=
[
'set X-SSL-Subject %{SSL_CLIENT_S_DN}e'
,
'set X-Client-DN %{SSL_CLIENT_S_DN}e'
,
'set X-Client-Verify %{SSL_CLIENT_VERIFY}e'
,
'unset X-Forwarded-For'
,
]
if
$puppet_ca_proxy
!=
''
{
include
apache
::
mod
::
proxy
include
apache
::
mod
::
proxy_http
$custom_fragment
=
"ProxyPassMatch ^/([^/]+/certificate.*)$ ${puppet_ca_proxy}/\$1"
}
else
{
$custom_fragment
=
''
}
apache
::
vhost
{
'puppet'
:
docroot
=>
"${app_root}/public/"
,
directories
=>
$directories,
port
=>
$port,
ssl
=>
true
,
ssl_cert
=>
$ssl_cert,
ssl_key
=>
$ssl_cert_key,
ssl_ca
=>
$ssl_ca_cert,
ssl_crl
=>
$ssl_ca_crl,
ssl_chain
=>
$ssl_chain,
ssl_protocol
=>
'-ALL +SSLv3 +TLSv1'
,
ssl_cipher
=>
'ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP'
,
ssl_verify_client
=>
'optional'
,
ssl_options
=>
'+StdEnvVars +ExportCertData'
,
ssl_verify_depth
=>
'1'
,
ssl_proxyengine
=>
$puppet_ca_proxy
!=
''
,
custom_fragment
=>
$custom_fragment,
request_headers
=>
$request_headers,
options
=>
[
'None'
],
require
=>
Class
[
'::puppet::server::rack'
],
}
}
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Mon, Aug 18, 8:03 PM (11 h, 35 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
3463923
Attached To
rSPPUP puppet-theforeman-puppet
Event Timeline
Log In to Comment